LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 12-19-2006, 07:07 AM   #1
dutch1918
Member
 
Registered: May 2004
Location: Big Sky Country
Distribution: Suse 9.3
Posts: 34

Rep: Reputation: 15
Asst with IPTABLES


I want to block port 25 from 192.168.182.0/24. Would I use :

Code:
iptables -I FORWARD 2 -s 192.168.182.0/24 -p tcp --dport 25 -j DROP
or should it be

Code:
iptables -I FORWARD 2 -s 192.168.182.0/24 -d anywhere -p tcp --dport 25 -j DROP

Last edited by dutch1918; 12-19-2006 at 07:11 AM.
 
Old 12-19-2006, 07:35 AM   #2
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Look.. first, both of these commands are absolutely equivalent. As in the first case, in the absence of -d, it would take it as anywhere itself.

Second, just for the information part, while you run these block rules at the FORWARD chain, you can't block packets for your own box.
 
Old 12-19-2006, 11:14 PM   #3
int0x80
Member
 
Registered: Sep 2002
Posts: 310

Rep: Reputation: Disabled
This should do:
Code:
iptables -I INPUT -s 192.168.182.0/24 -p tcp --dport 25 -j DROP
For debugging, you could:
1. Check output from iptables -nvL
2. Start a sniffer and use -j REJECT instead of -j DROP
3. Use the -j LOG target in conjunction with another chain
 
Old 12-19-2006, 11:27 PM   #4
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128
If you want to block packets either that will be forwarded OR that will be destined for your box, there are two ways to do that:
Code:
iptables -t nat -I PREROUTING -s 192.168.182.0/24 -p tcp --dport 25 -j DROP
or
Code:
iptables -I FORWARD -s 192.168.182.0/24 -p tcp --dport 25 -j DROP
iptables -I INPUT -s 192.168.182.0/24 -p tcp --dport 25 -j DROP
The first one is more concise, but many people argue against doing filtering in the nat table (hence the filter table).
 
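The approach from the two replies above, combined into one script as an added example (not code posted in this thread): the tcp/25 block from 192.168.182.0/24 goes into both INPUT and FORWARD in the filter table, and both jump to a dedicated chain that logs (rate-limited) before dropping, so blocked attempts can be checked in syslog and with iptables -nvL. The IPT variable and the chain name SMTP_BLOCK are assumptions; by default the script only echoes the commands.

```shell
# Added example, not from the thread. IPT is a hypothetical variable:
# leave it at "echo" for a dry run, set IPT=iptables (as root) to apply.
IPT="${IPT:-echo}"

# Emit (or apply) the rules that block SMTP from one source network,
# whether the packets are for this box (INPUT) or routed through it (FORWARD).
smtp_block_rules() {
    net="$1"                 # source network, e.g. 192.168.182.0/24
    chain="${2:-SMTP_BLOCK}" # hypothetical user-defined chain name
    # create the chain; an "already exists" error is harmless on re-runs
    $IPT -N "$chain" 2>/dev/null
    # log before dropping, rate-limited so a scanner cannot flood syslog
    $IPT -A "$chain" -m limit --limit 5/min -j LOG --log-prefix "SMTP_BLOCK: "
    $IPT -A "$chain" -j DROP
    # hook the chain from both filter-table chains (FORWARD alone misses
    # traffic addressed to the box itself)
    for hook in INPUT FORWARD; do
        $IPT -I "$hook" -s "$net" -p tcp --dport 25 -j "$chain"
    done
    # show packet/byte counters for the chain to confirm rules are matching
    $IPT -nvL "$chain"
}

smtp_block_rules 192.168.182.0/24
```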
Old 12-20-2006, 07:26 AM   #5
dutch1918
Member
 
Registered: May 2004
Location: Big Sky Country
Distribution: Suse 9.3
Posts: 34

Original Poster
Rep: Reputation: 15
Actually I guess I should have clarified that I am using a Wifi Hotspot on a Linksys router where I want to block port 25. Anyway I got it working and thanks for everyone's input.
 
All times are GMT -5. The time now is 10:04 AM.